Reactive Systems: Modelling, Specification and Verification - Cs.ioc.ee

More documents

Recommendations

Info

$Algorithmic melody composition based on fractal ... - cs.ioc.ee$

8 CHAPTER 1. INTRODUCTION prototype specification languages for reactive systems. They evolved from the insights of many outstanding researchers over the last thirty years, and a brief history of the evolution of the original ideas that led to their development may be found in (Baeten, 2005). (For an accessible, but more advanced, discussion of the role that algebra plays in process theory you may consult the survey paper (Luttik, 2006).) A crucial initial observation that is at the heart of the notion of process algebra is due to Milner, who noticed that concurrent processes have an algebraic structure. For example, once we have built two processes P and Q, we can form a new process by combining P and Q sequentially or in parallel. The result of these combinations will be a new process whose behaviour depends on that of P and Q and on the operation that we have used to compose them. This is the first sense in which these description languages are algebraic: they consist of a collection of operations for building new process descriptions from existing ones. Since these languages aim at specifying parallel processes that may interact with one another, a key issue that needs to be addressed is how to describe communication/interaction between processes running at the same time. Communication amounts to information exchange between a process that produces the information (the sender), and a process that consumes it (the receiver). We often think of this communication of information as taking place via some medium that connects the sender and the receiver. If we are to develop a theory of communicating systems based on this view, it looks as if we have to decide upon the communication medium used in inter-process communication. Several possible choices immediately come to mind. Processes may communicate via, e.g., (un)bounded buffers, shared variables, some unspecified ether, or the tuple spaces used by Linda-like languages (Gelernter, 1985). Which one do we choose? The answer is not at all clear, and each specific choice may in fact reduce the applicability of our language and the models that support it. A language that can properly describe processes that communicate via, say, FIFO buffers may not readily allow us to specify situations in which processes interact via shared variables, say. The solution to this riddle is both conceptually simple and general. One of the crucial original insights of figures like Hoare and Milner is that we need not distinguish between active components like senders and receivers, and passive ones like the aforementioned kinds of communication media. All of these may be viewed as processes—that is, as systems that exhibit behaviour. All of these processes can interact via message-passing modelled as synchronized communication, which is the only basic mode of interaction. This is the key idea underlying Hoare’s Communicating Sequential Processes (CSP) (Hoare, 1978; Hoare, 1985), a highly influential proposal for a programming language for parallel programs, and Milner’s Calculus of Communicating Systems (CCS) (Milner, 1989), the paradigmatic process algebra.
Chapter 2 The language CCS We shall now introduce the language CCS. We begin by informally presenting the process constructions allowed in this language and their semantics in Section 2.1. We then proceed to put our developments on a more formal footing in Section 2.2. 2.1 Some CCS process constructions It is useful to begin by thinking of a CCS process as a black box. This black box may have a name that identifies it, and has a process interface. This interface describes the collection of communication ports, also referred to as channels, that the process may use to interact with other processes that reside in its environment, together with an indication of whether it uses these ports for inputting or outputting information. For example, the drawing in Figure 2.1 pictures the interface for a process whose name is CS (for Computer Scientist). This process may interact with its environment via three ports, or communication channels, namely coffee, coin and pub. The port coffee is used for input, whereas the ports coin and pub are used by process CS for output. In general, given a port name a, we use ā for output on port a. We shall often refer to labels as coffee or coin as actions. A description like the one given in Figure 2.1 only gives static information about a process. What we are most interested in is the behaviour of the process being specified. The behaviour of a process is described by giving a ‘CCS program’. The idea being that, as we shall see soon, the process constructions that are used in building the program allow us to describe both the structure of a process and its behaviour. Inaction, prefixing and recursive definitions Let us begin by introducing the constructs of the language CCS by means of examples. The most basic process of 9
Page 1: Reactive Systems: Modelling, Specif
Page 4 and 5: iv CONTENTS 5 Hennessy-Milner logic
Page 7 and 8: List of Figures 2.1 The interface f
Page 9: List of Tables 2.1 An alternative f
Page 12 and 13: xii PREFACE It has been very satisf
Page 14 and 15: xiv PREFACE a textbook, and offers
Page 16 and 17: xvi PREFACE studies in Edinburgh, a
Page 19: Part I A classic theory of reactive
Page 22 and 23: 4 CHAPTER 1. INTRODUCTION After hav
Page 24 and 25: 6 CHAPTER 1. INTRODUCTION • softw
Page 28 and 29: 10 CHAPTER 2. THE LANGUAGE CCS ✬
Page 30 and 31: 12 CHAPTER 2. THE LANGUAGE CCS Exer
Page 36 and 37: 18 CHAPTER 2. THE LANGUAGE CCS CS d
Page 38 and 39: 20 CHAPTER 2. THE LANGUAGE CCS Sinc
Page 40 and 41: 22 CHAPTER 2. THE LANGUAGE CCS a p
Page 42 and 43: 24 CHAPTER 2. THE LANGUAGE CCS •
Page 44 and 45: 26 CHAPTER 2. THE LANGUAGE CCS Defi
Page 46 and 47: 28 CHAPTER 2. THE LANGUAGE CCS we h
Page 48 and 49: 30 CHAPTER 2. THE LANGUAGE CCS This
Page 50 and 51: 32 CHAPTER 2. THE LANGUAGE CCS 2. D
Page 52 and 53: 34 CHAPTER 2. THE LANGUAGE CCS To b
Page 55 and 56: Chapter 3 Behavioural equivalences
Page 57 and 58: 3.1. CRITERIA FOR A GOOD BEHAVIOURA
Page 59 and 60: 3.2. TRACE EQUIVALENCE: A FIRST ATT
Page 61 and 62: 3.3. STRONG BISIMILARITY 43 trace e
Page 63 and 64: 3.3. STRONG BISIMILARITY 45 Obvious
Page 65 and 66: 3.3. STRONG BISIMILARITY 47 So, by
Page 67 and 68: 3.3. STRONG BISIMILARITY 49 Theorem
Page 69 and 70: 3.3. STRONG BISIMILARITY 51 The imp
Page 71 and 72: 3.3. STRONG BISIMILARITY 53 Conclud
Page 73 and 74: 3.3. STRONG BISIMILARITY 55 3. the
Page 75 and 76: 3.3. STRONG BISIMILARITY 57 Recall
Page 77 and 78:
3.3. STRONG BISIMILARITY 59 B 2 0
Page 79 and 80:
3.4. WEAK BISIMILARITY 61 Is there
Page 81 and 82:
3.4. WEAK BISIMILARITY 63 Start pu
Page 83 and 84:
3.4. WEAK BISIMILARITY 65 Our order
Page 85 and 86:
3.4. WEAK BISIMILARITY 67 Send def
Page 87 and 88:
3.4. WEAK BISIMILARITY 69 Show that
Page 89 and 90:
3.4. WEAK BISIMILARITY 71 In light
Page 91 and 92:
3.5. GAME CHARACTERIZATION OF BISIM
Page 93 and 94:
CHAPTER 3.5. GAME CHARACTERIZATION
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
3.6. FURTHER RESULTS ON EQUIVALENCE
Page 101:
3.6. FURTHER RESULTS ON EQUIVALENCE
Page 104 and 105:
86 CHAPTER 4. THEORY OF FIXED POINT
Page 106 and 107:
Page 108 and 109:
Page 110 and 111:
Page 112 and 113:
Page 114 and 115:
Page 116 and 117:
Page 119 and 120:
Chapter 5 Hennessy-Milner logic In
Page 121 and 122:
103 We are interested in using the
Page 123 and 124:
105 of the one step transitions a
Page 125 and 126:
1. Decide whether the following sta
Page 127 and 128:
109 Note that logical negation is n
Page 129 and 130:
111 Another example of a process th
Page 131 and 132:
a s s1 b s2 b a a t b t1 b t
Page 133 and 134:
Chapter 6 Hennessy-Milner logic wit
Page 135 and 136:
CHAPTER 6. HML WITH RECURSION 117 e
Page 137 and 138:
CHAPTER 6. HML WITH RECURSION 119
Page 139 and 140:
6.1. EXAMPLES OF RECURSIVE PROPERTI
Page 141 and 142:
6.2. SYNTAX AND SEMANTICS OF HML WI
Page 143 and 144:
6.2. SYNTAX AND SEMANTICS OF HML WI
Page 145 and 146:
6.3. LARGEST FIXED POINTS AND INVAR
Page 147 and 148:
6.4. GAME CHARACTERIZATION FOR HML
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
6.5. MUTUALLY RECURSIVE EQUATIONAL
Page 155 and 156:
6.5. MUTUALLY RECURSIVE EQUATIONAL
Page 157 and 158:
6.6. CHARACTERISTIC PROPERTIES 139
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
Page 167 and 168:
6.7. MIXING LARGEST AND LEAST FIXED
Page 169 and 170:
Page 171 and 172:
Page 173 and 174:
6.8. FURTHER RESULTS ON MODEL CHECK
Page 175 and 176:
Chapter 7 Modelling and analysis of
Page 177 and 178:
CHAPTER 7. MODELLING MUTUAL EXCLUSI
Page 179 and 180:
CHAPTER 7. MODELLING MUTUAL EXCLUSI
Page 181 and 182:
7.1. SPECIFYING MUTUAL EXCLUSION IN
Page 183 and 184:
7.2. SPECIFYING MUTUAL EXCLUSION US
Page 185 and 186:
7.2. SPECIFYING MUTUAL EXCLUSION US
Page 187 and 188:
7.3. TESTING MUTUAL EXCLUSION 169 i
Page 189 and 190:
7.3. TESTING MUTUAL EXCLUSION 171 D
Page 191 and 192:
7.3. TESTING MUTUAL EXCLUSION 173 1
show all

Reactive Systems: Modelling, Specification and Verification - Cs.ioc.ee

Create successful ePaper yourself

Delete template?

Save as template?